Number Theory
We’ve now covered most of the basic techniques for writing proofs. So we’re
going to start applying them to specific topics in mathematics, starting with
number theory.
Number theory is a branch of mathematics concerned with the behavior
of integers. It has very important applications in cryptography and in the
design of randomized algorithms. Randomization has become an increasingly
important technique for creating very fast algorithms for storing and retrieving
objects (e.g. hash tables), testing whether two objects are the same (e.g.
MP3’s), and the like. Much of the underlying theory depends on facts about
which integers evenly divide one another and which integers are prime.
CHAPTER 4. NUMBER THEORY 40
• 7 | 77
• 77 ∤ 7
• 7 | 7 because 7 = 7 · 1
• (−3) | 12 because 12 = (−3) · (−4)
An integer p is even exactly when 2 | p. The fact that zero is even is just
a special case of the fact that zero is divisible by any integer.
When we expanded the definition of divides for the second time, we used
a fresh variable name. If we had re-used k, then we would have wrongly
forced b and c to be equal.
The following two claims can be proved in a similar way:
• When constructing math from the ground up, the integers are typically
constructed first and the rationals built from them. So using rationals
to prove facts about integers can lead to circular proofs.
For example, among the integers no bigger than 20, the primes are 2,
3, 5, 7, 11, 13, 17, and 19. Numbers smaller than 2 are neither prime nor
composite.
A key fact about prime numbers is
The word “unique” here means that there is only one way to factor each
integer.
For example, 260 = 2 · 2 · 5 · 13 and 180 = 2 · 2 · 3 · 3 · 5.
We won’t prove this theorem right now, because it requires a proof technique
called “induction,” which we haven’t seen yet.
There are quite fast algorithms for testing whether a large integer is prime.
However, even once you know a number is composite, algorithms for factoring
the number are all fairly slow. The difficulty of factoring large composite
numbers is the basis for a number of well-known cryptographic algorithms
(e.g. the RSA algorithm).
You can find the GCD of two numbers by inspecting their prime factorizations
and extracting the shared factors. For example, 140 = 2² · 5 · 7 and
650 = 2 · 5² · 13. So gcd(140, 650) is 2 · 5 = 10.
Similarly, a common multiple of a and b is a number c such that a|c and
b|c. The least common multiple (lcm) is the smallest positive number for
which this is true. The lcm can be computed using the formula:
$$\operatorname{lcm}(a, b) = \frac{ab}{\gcd(a, b)}$$
For example, $\operatorname{lcm}(140, 650) = \frac{140 \cdot 650}{10} = 9100$.
If two integers a and b share no common factors, then gcd(a, b) = 1. Such
a pair of integers is called relatively prime.
If k is a non-zero integer, then k divides zero. The largest common divisor
of k and zero is k. So gcd(k, 0) = gcd(0, k) = k. However, gcd(0, 0) isn’t
defined. All integers are common divisors of 0 and 0, so there is no greatest
one.
The term “corollary” means that this fact is a really easy consequence of
the preceding claim.
Let’s trace this algorithm on inputs a = 105 and b = 252. Traces should
summarize the values of the most important variables.
x      y      r = remainder(x, y)
105    252    105
252    105    42
105    42     21
42     21     0
21     0
Since x is smaller than y, the first iteration of the loop swaps x and y.
After that, each iteration reduces the sizes of a and b, because a mod b is
smaller than b. In the last iteration, y has gone to zero, so we output the
value of x which is 21.
To verify that this algorithm is correct, we need to convince ourselves of
two things. First, it must halt, because each iteration reduces the magnitude
of y. Second, by our corollary above, the value of gcd(x, y) does not change
from iteration to iteration. Moreover, gcd(x, 0) is x, for any non-zero integer
x. So the final output will be the gcd of the two inputs a and b.
This is a genuinely very nice algorithm. Not only is it fast, but it involves
very simple calculations that can be done by hand (without a calculator).
It’s much easier than factoring both numbers into primes, especially as the
individual prime factors get larger. Most of us can’t quickly see whether a
large number is divisible by, say, 17.
4.8 Pseudocode
Notice that this algorithm is written in pseudocode. Pseudocode is an abstracted
type of programming language, used to highlight the important
structure of an algorithm and communicate between researchers who may
not use the same programming language. It borrows many control constructs
(e.g. the while loop) from imperative languages such as C. But details required
only for a mechanical compiler (e.g. type declarations for all variables)
are omitted and equations or words are used to hide details that are easy to
figure out.
If you have taken a programming course, pseudocode is typically easy to
read. Many small details are not standardized, e.g. is the test for equality
written = or ==? However, it’s usually easy for a human (though not a
computer) to figure out what the author must have intended.
A common question is how much detail to use. Try to use about the same
amount as in the examples shown in the notes. And think about how easily
your pseudocode could be read by a classmate. Actual C or Java code is
almost never acceptable pseudocode, because it is way too detailed.
This code is very simple, because this algorithm has a natural recursive
structure. Our corollary allows us to express the gcd of two numbers in terms
of the gcd of a smaller pair of numbers. That is to say, it allows us to reduce
a larger version of the task to a smaller version of the same task.
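The two forms of the Euclidean algorithm discussed above (the loop that is traced on 105 and 252, and the recursive form), written out in Python as an added example; this is not the pseudocode from the original notes. The function names are assumptions, and `gcd_by_factoring` is the slower shared-prime-factors method, included only as a cross-check.

```python
from collections import Counter
from math import prod

def gcd_trace(a, b):
    """Iterative Euclid. Returns (gcd, rows); each row is (x, y, r) as in the trace."""
    if a == 0 and b == 0:
        raise ValueError("gcd(0, 0) is not defined")
    x, y = abs(a), abs(b)
    rows = []
    while y > 0:
        r = x % y                 # remainder(x, y); always 0 <= r < y
        rows.append((x, y, r))
        x, y = y, r               # gcd(x, y) == gcd(y, r), so the answer is preserved
    rows.append((x, y, None))     # final state: y == 0, so x is the output
    return x, rows

def gcd_recursive(a, b):
    """Recursive form: reduce gcd(a, b) to the smaller problem gcd(b, a mod b)."""
    a, b = abs(a), abs(b)
    if b == 0:
        if a == 0:
            raise ValueError("gcd(0, 0) is not defined")
        return a
    return gcd_recursive(b, a % b)

def factorize(n):
    """Prime factorization by trial division, as a multiset {prime: exponent}."""
    factors, p = Counter(), 2
    while p * p <= n:
        while n % p == 0:
            factors[p] += 1
            n //= p
        p += 1
    if n > 1:
        factors[n] += 1
    return factors

def gcd_by_factoring(a, b):
    """The slow method: multiply together the prime factors the two inputs share."""
    shared = factorize(a) & factorize(b)   # Counter '&' keeps the minimum exponent
    return prod(shared.elements())

def lcm(a, b):
    """lcm(a, b) = ab / gcd(a, b)."""
    return a * b // gcd_trace(a, b)[0]

if __name__ == "__main__":
    g, rows = gcd_trace(105, 252)
    for x, y, r in rows:
        print(x, y, "" if r is None else r)
    print("gcd =", g, " lcm(140, 650) =", lcm(140, 650))
```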
• 3 ≡ 10 (mod 7)
• 3 ≡ 38 (mod 7) (Since 38 − 3 = 35.)
• 38 ≡ 3 (mod 7)
• −3 ≡ 3 (mod 6)
• −29 ≡ −13 (mod 8) (Since (−13) − (−29) = 16.)
Notice that [−4] and [10] are exactly the same set as [3]. That is, [−4] =
[10] = [3]. So we have one object (the set) with many different names (one
per integer in it). This is like a student apartment shared by Fred, Emily,
Ali, and Michelle. The superficially different phrases “Emily’s apartment”
and “Ali’s apartment” actually refer to one and the same apartment.
Having many names for the same object can become confusing, so people
tend to choose a special preferred name for each object. For the k equivalence
classes of integers mod k, mathematicians tend to prefer the names
[0], [1], . . . , [k − 1]. Other names (e.g. [30] when k = 7) tend to occur only as
intermediate results in calculations.
Because standard arithmetic operations interact well with modular congruence,
we can set up a system of arithmetic on these equivalence classes.
Specifically, we define addition and multiplication on equivalence classes by:
[x] + [y] = [x + y]
[x] ∗ [y] = [x ∗ y]
This new set of numbers ([0], [1], . . . , [k − 1]), with these modular rules of
arithmetic and equality, is known as the “integers mod k” or Z_k for short.
For example, the addition and multiplication tables for Z_4 are:
+_4   [0]  [1]  [2]  [3]
[0]   [0]  [1]  [2]  [3]
[1]   [1]  [2]  [3]  [0]
[2]   [2]  [3]  [0]  [1]
[3]   [3]  [0]  [1]  [2]
2. The “modulo operation” entry on Wikipedia has a nice table of what happens in
different languages.
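An added example (not from the original notes) of arithmetic on equivalence classes mod k: it builds the Z_k tables from the definitions [x] + [y] = [x + y] and [x] ∗ [y] = [x ∗ y], and checks that the result does not depend on which name of a class is used. All function names are assumptions; `c_style_remainder` uses `math.fmod` to show the truncating convention of C's `%`, which does not return the preferred name for negative inputs.

```python
import math

def congruent(a, b, k):
    """a ≡ b (mod k), straight from the definition: k divides (a - b)."""
    return (a - b) % k == 0

def canon(x, k):
    """Preferred name of the class [x] in Z_k: its representative in 0..k-1."""
    return x % k      # Python's % takes the sign of the divisor, so result >= 0 for k > 0

def table(k, op):
    """k-by-k table of [x] op [y] in Z_k, written with the preferred names."""
    return [[canon(op(x, y), k) for y in range(k)] for x in range(k)]

def well_defined(k, op, span=3):
    """Check [x] op [y] names the same class whichever representatives are used."""
    for x in range(k):
        for y in range(k):
            expected = canon(op(x, y), k)
            for i in range(-span, span + 1):
                for j in range(-span, span + 1):
                    # x + i*k is another name for [x]; y + j*k another name for [y]
                    if canon(op(x + i * k, y + j * k), k) != expected:
                        return False
    return True

def c_style_remainder(x, k):
    """Remainder with truncation toward zero, the convention of C's % operator."""
    return int(math.fmod(x, k))

if __name__ == "__main__":
    add = lambda x, y: x + y
    mul = lambda x, y: x * y
    for name, op in (("+", add), ("*", mul)):
        print(f"Z_4 table for {name}:")
        for row in table(4, op):
            print("  ", " ".join(f"[{v}]" for v in row))
    print("[-4] and [10] mod 7:", canon(-4, 7), canon(10, 7))
    print("C-style remainder of -4 by 7:", c_style_remainder(-4, 7))
```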